The threat was mostly present in Israel, but now seems to be inactive. ESET first discovered the botnet about a year ago.

PokerAgent was designed to find users who have credit cards and use them online, making them good targets for later attacks.

The bot was programmed to log into users Facebook accounts, and collect Zynga Poker statistics and the number of payment methods saved in the Facebook account.

The infected computers would receive a command to log in to a user's Facebook account. It would then lure that user's friends to a phishing site to collect their login credentials, as well.

ESET researchers showed a screenshot of Facebook's payment settings page. They then asserted that Facebook users should be nervous about their credit card numbers being exposed. But they did not demonstrate how hackers would access users' credit cards, since Facebook stores those on a separate system and does not expose the full number to users.

How the bot did put them at risk: By ascertaining via Facebook that they have used credit cards online, hackers could later target other attacks, using email phishing or other techniques outside of Facebook, to get at their cards.